Can former employees steal your data?
Short answer, yes. Longer answer, stealing sensitive company information is more prevalent than many are willing to admit.
According to a 2009 Ponemon Institute survey, 53 percent of employees who have recently left a company admitted to stealing data on their way out by downloading information onto a CD or DVD, 42 percent onto a USB drive, and 38 percent sent attachments to a personal email account. This can be an alarming statistic for any company, yet it is especially alarming for start-ups considering the amount of employee turnover that comes with starting a business.
In Larry Ponemon’s opinion, the Founder and Chairman of the Ponemon Institute, “The survey's findings should sound the alarm across all industries: your sensitive data is walking out the door with your employees. Even if layoffs are not imminent, companies need to be more aware of who has access to sensitive business information.”
Let’s stop and take a second to digest what we just read. Consider if former employees had access to your intellectual property, financial projections, or active client lists? If the leaked info doesn’t directly jeopardize the company’s market share, the bad press and damage to the company’s image certainly will.
Yet what if you have never lost an employee, are you still at risk? Of course you are. Bill Brenner, senior editor for CSO Magazine and CSOonline.com, believes that “laid-off employees aren't as big a threat as those who remain on the inside with access to data they can sneak off to black marketers” Although it sounds like something out of a spy movie, the reality is that data theft and data leaks can cripple an entire company.
So how can you protect your company’s sensitive information?
1) Know who is accessing your data through an itemized audit log.
2) Control when and where they can access this info with user roles and customized permission levels.
3) Protect against malware and phishing attacks with two-factor authentication and secure login protocols.